For systems capable of using GRUB, the system must be configured with GRUB as the default boot loader unless another boot loader has been authorized, justified, and documented using site-defined procedures.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-4248 | GEN008660 | SV-42186r1_rule | ECAR-1 ECAR-2 ECAR-3 | High |
| Description |
|---|
| GRUB is a versatile boot loader used by several platforms that can provide authentication for access to the system or boot loader. |
| STIG | Date |
|---|---|
| Red Hat Enterprise Linux 5 Security Technical Implementation Guide | 2017-03-01 |
Details
| Check Text ( C-40580r1_chk ) |
|---|
| Determine if the system uses the GRUB boot loader; # ls -l /boot/grub/grub.conf If no grub.conf file exists, and the bootloader on the system has not been authorized, justified, and documented, this is a finding. |
| Fix Text (F-35823r1_fix) |
|---|
| Configure the system to use the GRUB bootloader or document, justify, and authorize the alternate bootloader. |